Fix: Use base32 for IDs (#262)

Co-authored-by: AdrianGonz97 <[email protected]>

Author: pilcrowonpaper

.changeset/wicked-pots-exist.md

@@ -0,0 +1,5 @@
+---
+'sv': patch
+---
+
+fix: use base32 IDs in lucia add-on

packages/adders/lucia/index.ts

@@ -212,7 +212,7 @@ export default defineAdder({
 				imports.addNamespace(ast, '$lib/server/db/schema', 'table');
 				imports.addNamed(ast, '$lib/server/db', { db: 'db' });
 				imports.addNamed(ast, '@oslojs/encoding', {
-					encodeBase64url: 'encodeBase64url',
+					encodeBase32LowerCase: 'encodeBase32LowerCase',
 					encodeHexLowerCase: 'encodeHexLowerCase'
 				});
 				imports.addNamed(ast, '@oslojs/crypto/sha2', { sha256: 'sha256' });
@@ -233,8 +233,8 @@ export default defineAdder({
 				if (!ms.original.includes('export function generateSessionToken')) {
 					const generateSessionToken = dedent`					
 						export function generateSessionToken() {
-							const bytes = crypto.getRandomValues(new Uint8Array(18));
-							const token = encodeBase64url(bytes);
+							const bytes = crypto.getRandomValues(new Uint8Array(20));
+							const token = encodeBase32LowerCase(bytes);
 							return token;
 						}`;
 					ms.append(`\n\n${generateSessionToken}`);
@@ -390,7 +390,7 @@ export default defineAdder({
 				const [ts] = utils.createPrinter(typescript);
 				return dedent`
 					import { hash, verify } from '@node-rs/argon2';
-					import { encodeBase64url } from '@oslojs/encoding';
+					import { encodeBase32LowerCase } from '@oslojs/encoding';
 					import { fail, redirect } from '@sveltejs/kit';
 					import { eq } from 'drizzle-orm';
 					import * as auth from '$lib/server/auth';
@@ -480,7 +480,7 @@ export default defineAdder({
 					function generateUserId() {
 						// ID with 120 bits of entropy, or about the same as UUID v4.
 						const bytes = crypto.getRandomValues(new Uint8Array(15));
-						const id = encodeBase64url(bytes);
+						const id = encodeBase32LowerCase(bytes);
 						return id;
 					}